diff --git a/includes/ajaxHandler.class.php b/includes/ajaxHandler.class.php index 684ebec0..b725a738 100644 --- a/includes/ajaxHandler.class.php +++ b/includes/ajaxHandler.class.php @@ -698,8 +698,6 @@ class AjaxHandler if (!strlen($key)) return 'empty option name given'; - if (!strlen($val)) - return 'empty value given'; if (preg_match('/[^a-z0-9_\.\-]/i', $key, $m)) return 'invalid chars in option name: "'.$m[0].'"'; @@ -718,20 +716,14 @@ class AjaxHandler if (!strlen($key)) return 'empty option name given'; - if (!strlen($val)) - return 'empty value given'; - - if (substr($key, 0, 4) == 'CFG_') - $key = substr($key, 4); $flags = DB::Aowow()->selectCell('SELECT `flags` FROM ?_config WHERE `key` = ?', $key); if (!$flags) return 'configuration option not found'; - if (preg_match('/[^a-z0-9_\-]/i', $key, $m)) - return 'invalid chars in option name: "'.$m[0].'"'; - - if ($flags & CON_FLAG_TYPE_INT && !preg_match('/^-?\d+$/i', $val)) + if (!($flags & CON_FLAG_TYPE_STRING) && !strlen($val)) + return 'empty value given'; + else if ($flags & CON_FLAG_TYPE_INT && !preg_match('/^-?\d+$/i', $val)) return "value must be integer"; else if ($flags & CON_FLAG_TYPE_FLOAT && !preg_match('/^-?\d*(,|.)?\d+$/i', $val)) return "value must be float"; diff --git a/includes/kernel.php b/includes/kernel.php index 021a05b7..a6b61e62 100644 --- a/includes/kernel.php +++ b/includes/kernel.php @@ -68,12 +68,15 @@ if (!empty($AoWoWconf['characters'])) $sets = DB::isConnectable(DB_AOWOW) ? DB::Aowow()->select('SELECT `key` AS ARRAY_KEY, `value`, `flags` FROM ?_config') : []; foreach ($sets as $k => $v) { - // this should not have been possible - if (!strlen($v['value'])) - continue; - $php = $v['flags'] & CON_FLAG_PHP; + // this should not have been possible + if (!strlen($v['value']) && !($v['flags'] & CON_FLAG_TYPE_STRING) && !$php) + { + Util::addNote(U_GROUP_ADMIN | U_GROUP_DEV, 'Kernel: Aowow config value CFG_'.strtoupper($k).' is empty - config will not be used!'); + continue; + } + if ($v['flags'] & CON_FLAG_TYPE_INT) $val = intVal($v['value']); else if ($v['flags'] & CON_FLAG_TYPE_FLOAT) @@ -82,9 +85,14 @@ foreach ($sets as $k => $v) $val = (bool)$v['value']; else if ($v['flags'] & CON_FLAG_TYPE_STRING) $val = preg_replace('/[^\p{L}0-9~\s_\-\'\/\.:,]/ui', '', $v['value']); - else + else if ($php) { - Util::addNote(U_GROUP_ADMIN | U_GROUP_DEV, 'Kernel: '.($php ? 'PHP' : 'Aowow').' config value '.($php ? strtolower($k) : 'CFG_'.strtoupper($k)).' has no type set. Value forced to 0!'); + Util::addNote(U_GROUP_ADMIN | U_GROUP_DEV, 'Kernel: PHP config value '.strtolower($k).' has no type set - config will not be used!'); + continue; + } + else // if (!$php) + { + Util::addNote(U_GROUP_ADMIN | U_GROUP_DEV, 'Kernel: Aowow config value CFG_'.strtoupper($k).' has no type set - value forced to 0!'); $val = 0; } @@ -149,6 +157,9 @@ if (!CLI) die('error: SITE_HOST or STATIC_HOST not configured'); // Setup Session + if (CFG_SESSION_CACHE_DIR && Util::checkOrCreateDirectory(CFG_SESSION_CACHE_DIR)) + session_save_path(CFG_SESSION_CACHE_DIR); + session_set_cookie_params(15 * YEAR, '/', '', $secure, true); session_cache_limiter('private'); session_start(); diff --git a/includes/user.class.php b/includes/user.class.php index e4e67df8..b0dc04a0 100644 --- a/includes/user.class.php +++ b/includes/user.class.php @@ -39,7 +39,7 @@ class User // check IP bans if ($ipBan = DB::Aowow()->selectRow('SELECT count, unbanDate FROM ?_account_bannedips WHERE ip = ? AND type = 0', self::$ip)) { - if ($ipBan['count'] > CFG_FAILED_AUTH_COUNT && $ipBan['unbanDate'] > time()) + if ($ipBan['count'] > CFG_ACC_FAILED_AUTH_COUNT && $ipBan['unbanDate'] > time()) return false; else if ($ipBan['unbanDate'] <= time()) DB::Aowow()->query('DELETE FROM ?_account_bannedips WHERE ip = ?', self::$ip); @@ -213,7 +213,7 @@ class User $user = 0; $hash = ''; - switch (CFG_AUTH_MODE) + switch (CFG_ACC_AUTH_MODE) { case AUTH_MODE_SELF: { @@ -223,11 +223,11 @@ class User // handle login try limitation $ip = DB::Aowow()->selectRow('SELECT ip, count, unbanDate FROM ?_account_bannedips WHERE type = 0 AND ip = ?', self::$ip); if (!$ip || $ip['unbanDate'] < time()) // no entry exists or time expired; set count to 1 - DB::Aowow()->query('REPLACE INTO ?_account_bannedips (ip, type, count, unbanDate) VALUES (?, 0, 1, UNIX_TIMESTAMP() + ?d)', self::$ip, CFG_FAILED_AUTH_EXCLUSION); + DB::Aowow()->query('REPLACE INTO ?_account_bannedips (ip, type, count, unbanDate) VALUES (?, 0, 1, UNIX_TIMESTAMP() + ?d)', self::$ip, CFG_ACC_FAILED_AUTH_BLOCK); else // entry already exists; increment count - DB::Aowow()->query('UPDATE ?_account_bannedips SET count = count + 1, unbanDate = UNIX_TIMESTAMP() + ?d WHERE ip = ?', CFG_FAILED_AUTH_EXCLUSION, self::$ip); + DB::Aowow()->query('UPDATE ?_account_bannedips SET count = count + 1, unbanDate = UNIX_TIMESTAMP() + ?d WHERE ip = ?', CFG_ACC_FAILED_AUTH_BLOCK, self::$ip); - if ($ip && $ip['count'] >= CFG_FAILED_AUTH_COUNT && $ip['unbanDate'] >= time()) + if ($ip && $ip['count'] >= CFG_ACC_FAILED_AUTH_COUNT && $ip['unbanDate'] >= time()) return AUTH_IPBANNED; $query = DB::Aowow()->SelectRow(' diff --git a/includes/utilities.php b/includes/utilities.php index a8827cad..a362bb0d 100644 --- a/includes/utilities.php +++ b/includes/utilities.php @@ -18,6 +18,8 @@ class SimpleXML extends SimpleXMLElement class Util { + const FILE_ACCESS = 0755; + public static $resistanceFields = array( null, 'resHoly', 'resFire', 'resNature', 'resFrost', 'resShadow', 'resArcane' ); @@ -688,6 +690,10 @@ class Util 'large' => 'style="background-image: url(%s/images/wow/icons/large/%s.jpg)"', ); + public static $configCats = array( + 'Site', 'Caching', 'Account', 'Session', 'Site Reputation', 'Other' + ); + public static $tcEncoding = '0zMcmVokRsaqbdrfwihuGINALpTjnyxtgevElBCDFHJKOPQSUWXYZ123456789'; public static $wowheadLink = ''; private static $notes = []; @@ -1705,6 +1711,21 @@ class Util return json_encode($data, $flags); } + + public static function checkOrCreateDirectory($path) + { + // remove multiple slashes + $path = preg_replace('|/+|', '/', $path); + + if (!is_dir($path) && !@mkdir($path, self::FILE_ACCESS, true)) + self::addNote(U_GROUP_EMPLOYEE, 'could not create directory: '.$path); + else if (!is_writable($path) && !@chmod($path, self::FILE_ACCESS)) + self::addNote(U_GROUP_EMPLOYEE, 'cannot write into directory: '.$path); + else + return true; + + return false; + } } ?> diff --git a/index.php b/index.php index 20ae26ee..9cc47359 100644 --- a/index.php +++ b/index.php @@ -109,6 +109,7 @@ switch ($pageCall) case 'cookie': // lossless cookies and user settings case 'contactus': case 'comment': + // case 'filter': // just a note: this would be accessed from filtrable pages as ?filter=typeStr (with POST-data) and forwards back to page with GET-data .. why? Hell if i know.. case 'go-to-comment': // find page the comment is on and forward case 'locale': // subdomain-workaround, change the language if (($_ = (new AjaxHandler($pageParam))->handle($pageCall)) !== null) diff --git a/pages/account.php b/pages/account.php index 7261f46b..5f87f98b 100644 --- a/pages/account.php +++ b/pages/account.php @@ -73,7 +73,7 @@ class AccountPage extends GenericPage switch ($this->category[0]) { case 'forgotpassword': - if (CFG_AUTH_MODE != AUTH_MODE_SELF) // only recover own accounts + if (CFG_ACC_AUTH_MODE != AUTH_MODE_SELF) // only recover own accounts $this->error(); $this->tpl = 'acc-recover'; @@ -85,7 +85,7 @@ class AccountPage extends GenericPage $this->head = sprintf(Lang::account('recoverPass'), $nStep); break; case 'forgotusername': - if (CFG_AUTH_MODE != AUTH_MODE_SELF) // only recover own accounts + if (CFG_ACC_AUTH_MODE != AUTH_MODE_SELF) // only recover own accounts $this->error(); $this->tpl = 'acc-recover'; @@ -123,7 +123,7 @@ class AccountPage extends GenericPage break; case 'signup': - if (!CFG_ALLOW_REGISTER || CFG_AUTH_MODE != AUTH_MODE_SELF) + if (!CFG_ACC_ALLOW_REGISTER || CFG_ACC_AUTH_MODE != AUTH_MODE_SELF) $this->error(); $this->tpl = 'acc-signUp'; @@ -142,7 +142,7 @@ class AccountPage extends GenericPage { $nStep = 2; DB::Aowow()->query('UPDATE ?_account SET status = ?d WHERE token = ?', ACC_STATUS_OK, $_GET['token']); - DB::Aowow()->query('REPLACE INTO ?_account_bannedips (ip, type, count, unbanDate) VALUES (?, 1, ?d + 1, UNIX_TIMESTAMP() + ?d)', User::$ip, CFG_FAILED_AUTH_COUNT, CFG_FAILED_AUTH_EXCLUSION); + DB::Aowow()->query('REPLACE INTO ?_account_bannedips (ip, type, count, unbanDate) VALUES (?, 1, ?d + 1, UNIX_TIMESTAMP() + ?d)', User::$ip, CFG_ACC_FAILED_AUTH_COUNT, CFG_ACC_FAILED_AUTH_BLOCK); Util::gainSiteReputation($newId, SITEREP_ACTION_REGISTER); @@ -371,7 +371,7 @@ Markup.printHtml("description text here", "description-generic", { allow: Markup return Lang::account('accInactive'); case AUTH_IPBANNED: User::destroy(); - return sprintf(Lang::account('loginExceeded'), Util::formatTime(CFG_FAILED_AUTH_EXCLUSION * 1000)); + return sprintf(Lang::account('loginExceeded'), Util::formatTime(CFG_ACC_FAILED_AUTH_BLOCK * 1000)); case AUTH_INTERNAL_ERR: User::destroy(); return Lang::main('intError'); @@ -403,10 +403,10 @@ Markup.printHtml("description text here", "description-generic", { allow: Markup // limit account creation $ip = DB::Aowow()->selectRow('SELECT ip, count, unbanDate FROM ?_account_bannedips WHERE type = 1 AND ip = ?', User::$ip); - if ($ip && $ip['count'] >= CFG_FAILED_AUTH_COUNT && $ip['unbanDate'] >= time()) + if ($ip && $ip['count'] >= CFG_ACC_FAILED_AUTH_COUNT && $ip['unbanDate'] >= time()) { - DB::Aowow()->query('UPDATE ?_account_bannedips SET count = count + 1, unbanDate = UNIX_TIMESTAMP() + ?d WHERE ip = ? AND type = 1', CFG_FAILED_AUTH_EXCLUSION, User::$ip); - return sprintf(Lang::account('signupExceeded'), Util::formatTime(CFG_FAILED_AUTH_EXCLUSION * 1000)); + DB::Aowow()->query('UPDATE ?_account_bannedips SET count = count + 1, unbanDate = UNIX_TIMESTAMP() + ?d WHERE ip = ? AND type = 1', CFG_ACC_FAILED_AUTH_BLOCK, User::$ip); + return sprintf(Lang::account('signupExceeded'), Util::formatTime(CFG_ACC_FAILED_AUTH_BLOCK * 1000)); } // username taken @@ -424,18 +424,18 @@ Markup.printHtml("description text here", "description-generic", { allow: Markup $this->_post['remember_me'] != 'yes', User::$localeId, ACC_STATUS_NEW, - CFG_ACCOUNT_CREATE_SAVE_DECAY, + CFG_ACC_CREATE_SAVE_DECAY, $token ); if (!$id) // something went wrong return Lang::main('intError'); - else if ($_ = $this->sendMail(Lang::mail('accConfirm', 0), sprintf(Lang::mail('accConfirm', 1), $token), CFG_ACCOUNT_CREATE_SAVE_DECAY)) + else if ($_ = $this->sendMail(Lang::mail('accConfirm', 0), sprintf(Lang::mail('accConfirm', 1), $token), CFG_ACC_CREATE_SAVE_DECAY)) { // success:: update ip-bans if (!$ip || $ip['unbanDate'] < time()) - DB::Aowow()->query('REPLACE INTO ?_account_bannedips (ip, type, count, unbanDate) VALUES (?, 1, 1, UNIX_TIMESTAMP() + ?d)', User::$ip, CFG_FAILED_AUTH_EXCLUSION); + DB::Aowow()->query('REPLACE INTO ?_account_bannedips (ip, type, count, unbanDate) VALUES (?, 1, 1, UNIX_TIMESTAMP() + ?d)', User::$ip, CFG_ACC_FAILED_AUTH_BLOCK); else - DB::Aowow()->query('UPDATE ?_account_bannedips SET count = count + 1, unbanDate = UNIX_TIMESTAMP() + ?d WHERE ip = ? AND type = 1', CFG_FAILED_AUTH_EXCLUSION, User::$ip); + DB::Aowow()->query('UPDATE ?_account_bannedips SET count = count + 1, unbanDate = UNIX_TIMESTAMP() + ?d WHERE ip = ? AND type = 1', CFG_ACC_FAILED_AUTH_BLOCK, User::$ip); return $_; } @@ -443,11 +443,11 @@ Markup.printHtml("description text here", "description-generic", { allow: Markup private function doRecoverPass() { - if ($_ = $this->initRecovery(ACC_STATUS_RECOVER_PASS, CFG_ACCOUNT_RECOVERY_DECAY, $token)) + if ($_ = $this->initRecovery(ACC_STATUS_RECOVER_PASS, CFG_ACC_RECOVERY_DECAY, $token)) return $_; // send recovery mail - return $this->sendMail(Lang::mail('resetPass', 0), sprintf(Lang::mail('resetPass', 1), $token), CFG_ACCOUNT_RECOVERY_DECAY); + return $this->sendMail(Lang::mail('resetPass', 0), sprintf(Lang::mail('resetPass', 1), $token), CFG_ACC_RECOVERY_DECAY); } private function doResetPass() @@ -475,11 +475,11 @@ Markup.printHtml("description text here", "description-generic", { allow: Markup private function doRecoverUser() { - if ($_ = $this->initRecovery(ACC_STATUS_RECOVER_USER, CFG_ACCOUNT_RECOVERY_DECAY, $token)) + if ($_ = $this->initRecovery(ACC_STATUS_RECOVER_USER, CFG_ACC_RECOVERY_DECAY, $token)) return $_; // send recovery mail - return $this->sendMail(Lang::mail('recoverUser', 0), sprintf(Lang::mail('recoverUser', 1), $token), CFG_ACCOUNT_RECOVERY_DECAY); + return $this->sendMail(Lang::mail('recoverUser', 0), sprintf(Lang::mail('recoverUser', 1), $token), CFG_ACC_RECOVERY_DECAY); } private function initRecovery($type, $delay, &$token) diff --git a/pages/admin.php b/pages/admin.php index f8a3726c..245a1537 100644 --- a/pages/admin.php +++ b/pages/admin.php @@ -60,12 +60,13 @@ class AdminPage extends GenericPage private function handleConfig() { $this->addCSS(array( - ['string' => '.grid input[type=\'text\'] { width:250px; }'], + ['string' => '.grid input[type=\'text\'], .grid input[type=\'number\'] { width:250px; text-align:left; }'], ['string' => '.grid input[type=\'button\'] { width:65px; padding:2px; }'], - ['string' => '.disabled { opacity:0.4 !important; }'], ['string' => '.grid a.tip { margin:0px 5px; opacity:0.8; }'], ['string' => '.grid a.tip:hover { opacity:1; }'], - ['string' => '.status { position:absolute; right:5px; }'], + ['string' => '.grid tr { height:30px; }'], + ['string' => '.grid .disabled { opacity:0.4 !important; }'], + ['string' => '.grid .status { position:absolute; right:5px; }'], )); // well .. fuck! @@ -256,7 +257,7 @@ class AdminPage extends GenericPage } else if (node.tagName == 'INPUT') // string or numeric { - if (node.value.search(/[^\d\s\/\*\-\+\.]/i) == -1) + if (node.value && node.value.search(/[^\d\s\/\*\-\+\.]/i) == -1) node.value = eval(node.value); value = node.value; @@ -264,7 +265,7 @@ class AdminPage extends GenericPage value = value.toString().trim(); - if (!value.length) + if (!value.length && (node.tagName != 'INPUT' || node.type != 'text')) { $WH.ae(_status, createStatusIcon('value is empty')); return; @@ -298,7 +299,7 @@ class AdminPage extends GenericPage else if (node.tagName == 'SELECT') // opt-list $(node).find('option').each(function(idx, opt) { opt.selected = opt.value == val; }); else if (node.tagName == 'INPUT') // string or numeric - node.value = val; + node.value = node.type == 'text' ? val : eval(val); } function cfg_remove(id) @@ -339,42 +340,27 @@ class AdminPage extends GenericPage $head = ''; - // for aowow - if ($rows = DB::Aowow()->select('SELECT * FROM ?_config WHERE (flags & ?d) = 0 ORDER BY `key` ASC', CON_FLAG_PHP)) + foreach (Util::$configCats as $id => $catName) + if ($rows = DB::Aowow()->select('SELECT * FROM ?_config WHERE cat = ?d ORDER BY `flags`DESC, `key` ASC', $id)) { $buff = $head; foreach ($rows as $r) $buff .= $this->configAddRow($r); + if ($id == 5) //cat: misc + $buff .= ''; + $buff .= '
KeyValueOptions
new configuration
'; $this->lvTabs[] = array( 'file' => null, 'data' => $buff, 'params' => array( - 'name' => 'Aowow', - 'id' => 'aowow' + 'name' => $catName, + 'id' => Util::urlize($catName) ) ); } - - // for php - $rows = DB::Aowow()->select('SELECT * FROM ?_config WHERE flags & ?d ORDER BY `key` ASC', CON_FLAG_PHP); - $buff = $head; - foreach ($rows as $r) - $buff .= $this->configAddRow($r); - - $buff .= 'new configuration'; - $buff .= ''; - - $this->lvTabs[] = array( - 'file' => null, - 'data' => $buff, - 'params' => array( - 'name' => 'PHP', - 'id' => 'php' - ) - ); } private function handlePhpInfo() @@ -490,7 +476,7 @@ class AdminPage extends GenericPage { $buff = ''; $info = explode(' - ', $r['comment']); - $key = $r['flags'] & CON_FLAG_PHP ? strtolower($r['key']) : 'CFG_'.strtoupper($r['key']); + $key = $r['flags'] & CON_FLAG_PHP ? strtolower($r['key']) : strtoupper($r['key']); // name if (!empty($info[1])) @@ -522,7 +508,7 @@ class AdminPage extends GenericPage $buff .= ''; } else - $buff .= ''; + $buff .= ''; // actions $buff .= ''; diff --git a/pages/genericPage.class.php b/pages/genericPage.class.php index f1e2be26..4b9be014 100644 --- a/pages/genericPage.class.php +++ b/pages/genericPage.class.php @@ -88,6 +88,9 @@ class GenericPage { $this->time = microtime(true); + if (CFG_CACHE_DIR && Util::checkOrCreateDirectory(CFG_CACHE_DIR)) + $this->cacheDir = substr(CFG_CACHE_DIR, -1) != '/' ? CFG_CACHE_DIR.'/' : CFG_CACHE_DIR; + // force page refresh if (isset($_GET['refresh']) && User::isInGroup(U_GROUP_ADMIN | U_GROUP_BUREAU | U_GROUP_DEV)) { diff --git a/setup/db_structure.sql b/setup/db_structure.sql index 939d8054..1ecf4c50 100644 --- a/setup/db_structure.sql +++ b/setup/db_structure.sql @@ -376,6 +376,7 @@ DROP TABLE IF EXISTS `aowow_config`; CREATE TABLE `aowow_config` ( `key` varchar(25) NOT NULL, `value` varchar(255) NOT NULL, + `cat` tinyint(3) unsigned NOT NULL DEFAULT '5', `flags` tinyint(3) unsigned NOT NULL DEFAULT '0', `comment` varchar(255) NOT NULL, PRIMARY KEY (`key`) @@ -2282,7 +2283,7 @@ UNLOCK TABLES; LOCK TABLES `aowow_config` WRITE; /*!40000 ALTER TABLE `aowow_config` DISABLE KEYS */; -INSERT INTO `aowow_config` VALUES ('sql_limit_search','500',129,'default: 500 - max results for search'),('sql_limit_default','300',129,'default: 300 - max results for listviews'),('sql_limit_quicksearch','10',129,'default: 10 - max results for suggestions'),('sql_limit_none','0',129,'default: 0 - unlimited results (i wouldn\'t change that mate)'),('ttl_rss','60',129,'default: 60 - time to live for RSS (in seconds)'),('cache_decay','25200',129,'default: 60 * 60 * 7 - time to keep cache in seconds'),('session_timeout_delay','3600',129,'default: 60 * 60 - non-permanent session times out in time() + X'),('failed_auth_exclusion','900',129,'default: 15 * 60 - how long an account is closed after exceeding failed_auth_count (in seconds)'),('failed_auth_count','5',129,'default: 5 - how often invalid passwords are tolerated'),('name','Aowow Database Viewer (ADV)',136,' - website title'),('name_short','Aowow',136,' - feed title'),('board_url','http://www.wowhead.com/forums?board=',136,' - another halfbaked javascript thing..'),('contact_email','feedback@aowow.org',136,' - displayed sender for auth-mails, ect'),('battlegroup','Pure Pwnage',136,' - pretend, we belong to a battlegroup to satisfy profiler-related Jscripts'),('allow_register','1',132,'default: 1 - allow/disallow account creation (requires auth_mode 0)'),('debug','0',132,'default: 0 - disable cache, enable sql-errors, enable error_reporting'),('maintenance','1',132,'default: 0 - display brb gnomes and block access for non-staff'),('auth_mode','0',145,'default: 0 - source to auth against - 0:aowow, 1:TC auth-table, 2:external script'),('rep_req_upvote','125',129,'default: 125 - required reputation to upvote comments'),('rep_req_downvote','250',129,'default: 250 - required reputation to downvote comments'),('rep_req_comment','75',129,'default: 75 - required reputation to write a comment / reply'),('rep_req_supervote','2500',129,'default: 2500 - required reputation for double vote effect'),('rep_req_votemore_base','2000',129,'default: 2000 - gains more votes past this threshold'),('rep_reward_register','100',129,'default: 100 - activated an account'),('rep_reward_upvoted','5',129,'default: 5 - comment received upvote'),('rep_reward_downvoted','0',129,'default: 0 - comment received downvote'),('rep_reward_good_report','10',129,'default: 10 - filed an accepted report'),('rep_reward_bad_report','0',129,'default: 0 - filed a rejected report'),('rep_reward_dailyvisit','5',129,'default: 5 - daily visit'),('rep_reward_user_warned','-50',129,'default: -50 - moderator imposed a warning'),('rep_reward_comment','1',129,'default: 1 - created a comment (not a reply) '),('rep_req_premium','25000',129,'default: 25000 - required reputation for premium status through reputation'),('rep_reward_upload','10',129,'default: 10 - suggested / uploaded video / screenshot was approved'),('rep_reward_article','100',129,'default: 100 - submitted an approved article/guide'),('rep_reward_user_suspended','-200',129,'default: -200 - moderator revoked rights'),('user_max_votes','50',129,'default: 50 - vote limit per day'),('rep_req_votemore_add','250',129,'default: 250 - required reputation per additional vote past threshold'),('force_ssl','0',132,'default: 0 - enforce SSL, if the server is behind a load balancer'),('cache_mode','1',161,'default: 1 - set cache method - 0:filecache, 1:memcached'),('locales','333',161,'default: 0x14D - allowed locales - 0:English, 2:French, 3:German, 6:Spanish, 8:Russian'),('account_create_save_decay','604800',129,'default: 604800 - time in wich an unconfirmed account cannot be overwritten by new registrations'),('account_recovery_decay','300',129,'default: 300 - time to recover your account and new recovery requests are blocked'),('serialize_precision','4',65,' - some derelict code, probably unused'),('screenshot_min_size','200',129,'default: 200 - minimum dimensions of uploaded screenshots in px (yes, it\'s square)'),('site_host','',136,' - points js to executable files'),('static_host','',136,' - points js to images & scripts'),('memory_limit','2048M',200,'default: 2048M - parsing spell.dbc is quite intense'); +INSERT INTO `aowow_config` VALUES ('sql_limit_search','500',0,129,'default: 500 - max results for search'),('sql_limit_default','300',0,129,'default: 300 - max results for listviews'),('sql_limit_quicksearch','10',0,129,'default: 10 - max results for suggestions'),('sql_limit_none','0',0,129,'default: 0 - unlimited results (i wouldn\'t change that mate)'),('ttl_rss','60',0,129,'default: 60 - time to live for RSS (in seconds)'),('name','Aowow Database Viewer (ADV)',0,136,' - website title'),('name_short','Aowow',0,136,' - feed title'),('board_url','http://www.wowhead.com/forums?board=',0,136,' - another halfbaked javascript thing..'),('contact_email','feedback@aowow.org',0,136,' - displayed sender for auth-mails, ect'),('battlegroup','Pure Pwnage',0,136,' - pretend, we belong to a battlegroup to satisfy profiler-related Jscripts'),('debug','0',0,132,'default: 0 - disable cache, enable sql-errors, enable error_reporting'),('maintenance','1',0,132,'default: 0 - display brb gnomes and block access for non-staff'),('user_max_votes','50',0,129,'default: 50 - vote limit per day'),('force_ssl','0',0,132,'default: 0 - enforce SSL, if the server is behind a load balancer'),('locales','333',0,161,'default: 0x14D - allowed locales - 0:English, 2:French, 3:German, 6:Spanish, 8:Russian'),('screenshot_min_size','200',0,129,'default: 200 - minimum dimensions of uploaded screenshots in px (yes, it\'s square)'),('site_host','',0,136,' - points js to executable files'),('static_host','',0,136,' - points js to images & scripts'),('cache_decay','25200',1,129,'default: 60 * 60 * 7 - time to keep cache in seconds'),('cache_mode','1',1,161,'default: 1 - set cache method - 0:filecache, 1:memcached'),('cache_dir','',1,136,'default: cache/template - generated pages are saved here (requires CACHE_MODE: filecache)'),('acc_failed_auth_block','900',2,129,'default: 15 * 60 - how long an account is closed after exceeding FAILED_AUTH_COUNT (in seconds)'),('acc_failed_auth_count','5',2,129,'default: 5 - how often invalid passwords are tolerated'),('acc_allow_register','1',2,132,'default: 1 - allow/disallow account creation (requires AUTH_MODE: aowow)'),('acc_auth_mode','0',2,145,'default: 0 - source to auth against - 0:aowow, 1:TC auth-table, 2:external script'),('acc_create_save_decay','604800',2,129,'default: 604800 - time in wich an unconfirmed account cannot be overwritten by new registrations'),('acc_recovery_decay','300',2,129,'default: 300 - time to recover your account and new recovery requests are blocked'),('session_timeout_delay','3600',3,129,'default: 60 * 60 - non-permanent session times out in time() + X'),('session.gc_maxlifetime','604800',3,200,'default: 7*24*60*60 - lifetime of session data'),('session.gc_probability','0',3,200,'default: 0 - probability to remove session data on garbage collection'),('session_cache_dir','',3,136,'default: - php sessions are saved here. Leave empty to use php default directory.'),('rep_req_upvote','125',4,129,'default: 125 - required reputation to upvote comments'),('rep_req_downvote','250',4,129,'default: 250 - required reputation to downvote comments'),('rep_req_comment','75',4,129,'default: 75 - required reputation to write a comment / reply'),('rep_req_supervote','2500',4,129,'default: 2500 - required reputation for double vote effect'),('rep_req_votemore_base','2000',4,129,'default: 2000 - gains more votes past this threshold'),('rep_reward_register','100',4,129,'default: 100 - activated an account'),('rep_reward_upvoted','5',4,129,'default: 5 - comment received upvote'),('rep_reward_downvoted','0',4,129,'default: 0 - comment received downvote'),('rep_reward_good_report','10',4,129,'default: 10 - filed an accepted report'),('rep_reward_bad_report','0',4,129,'default: 0 - filed a rejected report'),('rep_reward_dailyvisit','5',4,129,'default: 5 - daily visit'),('rep_reward_user_warned','-50',4,129,'default: -50 - moderator imposed a warning'),('rep_reward_comment','1',4,129,'default: 1 - created a comment (not a reply) '),('rep_req_premium','25000',4,129,'default: 25000 - required reputation for premium status through reputation'),('rep_reward_upload','10',4,129,'default: 10 - suggested / uploaded video / screenshot was approved'),('rep_reward_article','100',4,129,'default: 100 - submitted an approved article/guide'),('rep_reward_user_suspended','-200',4,129,'default: -200 - moderator revoked rights'),('rep_req_votemore_add','250',4,129,'default: 250 - required reputation per additional vote past threshold'),('serialize_precision','4',5,65,' - some derelict code, probably unused'),('memory_limit','2048M',5,200,'default: 2048M - parsing spell.dbc is quite intense'); /*!40000 ALTER TABLE `aowow_config` ENABLE KEYS */; UNLOCK TABLES; diff --git a/setup/setup.php b/setup/setup.php index ca423bc4..973235f1 100644 --- a/setup/setup.php +++ b/setup/setup.php @@ -23,7 +23,7 @@ require_once 'setup/tools/imagecreatefromblp.func.php'; function finish() { if (!getopt('d', ['delete'])) // generated with TEMPORARY keyword. Manual deletion is not needed - CLISetup::log('generated dbc_* - tables kept available'); + CLISetup::log('generated dbc_* - tables kept available', CLISetup::LOG_INFO); // send "i'm in use @" - ping $u = !empty($_SERVER['USER']) ? $_SERVER['USER'] : 'NULL'; diff --git a/setup/tools/CLISetup.class.php b/setup/tools/CLISetup.class.php index 63e2167c..618b0bed 100644 --- a/setup/tools/CLISetup.class.php +++ b/setup/tools/CLISetup.class.php @@ -17,11 +17,10 @@ class CLISetup const CHR_ESC = 27; const CHR_BACKSPACE = 127; - const FILE_ACCESS = 0755; - const LOG_OK = 0; const LOG_WARN = 1; const LOG_ERROR = 2; + const LOG_INFO = 3; private static $win = true; private static $logFile = ''; @@ -200,6 +199,11 @@ class CLISetup return "\e[33m".$str."\e[0m"; } + public static function blue($str) + { + return "\e[36m".$str."\e[0m"; + } + public static function bold($str) { return "\e[1m".$str."\e[0m"; @@ -230,15 +234,18 @@ class CLISetup $msg = str_pad(date('H:i:s'), 10); switch ($lvl) { - case self::LOG_ERROR: // red error + case self::LOG_ERROR: // red critical error $msg .= '['.self::red('ERR').'] '; break; - case self::LOG_WARN: // yellow warn - $msg .= '['.self::yellow('INFO').'] '; + case self::LOG_WARN: // yellow notice + $msg .= '['.self::yellow('WARN').'] '; break; case self::LOG_OK: // green success $msg .= '['.self::green('OK').'] '; break; + case self::LOG_INFO: // blue info + $msg .= '['.self::blue('INFO').'] '; + break; default: $msg .= ' '; } @@ -281,7 +288,7 @@ class CLISetup self::log(sprintf(ERR_CREATE_FILE, self::bold($file)), self::LOG_ERROR); if ($success) - @chmod($file, self::FILE_ACCESS); + @chmod($file, Util::FILE_ACCESS); return $success; } @@ -290,13 +297,13 @@ class CLISetup { if (is_dir($dir)) { - if (!is_writable($dir) && !@chmod($dir, self::FILE_ACCESS)) + if (!is_writable($dir) && !@chmod($dir, Util::FILE_ACCESS)) self::log('cannot write into output directory '.$dir, self::LOG_ERROR); return is_writable($dir); } - if (@mkdir($dir, self::FILE_ACCESS, true)) + if (@mkdir($dir, Util::FILE_ACCESS, true)) return true; self::log('could not create output directory '.$dir, self::LOG_ERROR); diff --git a/setup/tools/clisetup/account.func.php b/setup/tools/clisetup/account.func.php index 2ca70a85..f3260ab1 100644 --- a/setup/tools/clisetup/account.func.php +++ b/setup/tools/clisetup/account.func.php @@ -55,7 +55,7 @@ function account() else { CLISetup::log(); - CLISetup::log("account creation aborted", CLISetup::LOG_WARN); + CLISetup::log("account creation aborted", CLISetup::LOG_INFO); } } diff --git a/setup/tools/clisetup/dbconfig.func.php b/setup/tools/clisetup/dbconfig.func.php index b0acc649..b5b0dda7 100644 --- a/setup/tools/clisetup/dbconfig.func.php +++ b/setup/tools/clisetup/dbconfig.func.php @@ -132,7 +132,7 @@ function dbconfig() else { CLISetup::log(); - CLISetup::log("edit canceled! returning to list...", CLISetup::LOG_WARN); + CLISetup::log("edit canceled! returning to list...", CLISetup::LOG_INFO); sleep(1); continue 2; } @@ -141,7 +141,7 @@ function dbconfig() else { CLISetup::log(); - CLISetup::log("db setup aborted", CLISetup::LOG_WARN); + CLISetup::log("db setup aborted", CLISetup::LOG_INFO); break 2; } } diff --git a/setup/tools/clisetup/siteconfig.func.php b/setup/tools/clisetup/siteconfig.func.php index bda95f6f..0ff1e5ff 100644 --- a/setup/tools/clisetup/siteconfig.func.php +++ b/setup/tools/clisetup/siteconfig.func.php @@ -13,6 +13,8 @@ if (!CLI) function siteconfig() { + $reqKeys = ['SITE_HOST', 'STATIC_HOST']; + if (!DB::isConnected(DB_AOWOW)) { CLISetup::log(); @@ -25,55 +27,65 @@ function siteconfig() CLISetup::log(); CLISetup::log('select a numerical index to use the corresponding entry'); - $results = DB::Aowow()->select('SELECT *, (flags & ?d) AS php FROM ?_config ORDER BY php ASC', CON_FLAG_PHP); + $sumNum = 0; + $cfgList = []; $hasEmpty = false; - - foreach ($results as $idx => $data) + foreach (Util::$configCats as $idx => $cat) { - if (!($data['flags'] & CON_FLAG_PHP) && $data['value'] === '') - $hasEmpty = true; + CLISetup::log('===== '.$cat.' ====='); + $results = DB::Aowow()->select('SELECT *, (flags & ?d) AS php FROM ?_config WHERE `cat` = ?d ORDER BY `key` ASC', CON_FLAG_PHP, $idx); - $php = $data['flags'] & CON_FLAG_PHP; - $buff = "[".CLISetup::bold($idx)."] ".($idx > 9 ? '' : ' ').($php ? ' PHP ' : ' AOWOW '); - $buff .= str_pad($php ? strtolower($data['key']) : strtoupper('cfg_'.$data['key']), 35); - if ($data['value'] === '') - $buff .= CLISetup::red(''); - else + foreach ($results as $num => $data) { - $info = explode(' - ', $data['comment']); + if (!($data['flags'] & CON_FLAG_PHP) && $data['value'] === '' && in_array($data['key'], $reqKeys)) + $hasEmpty = true; - if ($data['flags'] & CON_FLAG_TYPE_BOOL) - $buff .= '[bool] '.($data['value'] ? '' : ''); - else if ($data['flags'] & CON_FLAG_OPT_LIST && !empty($info[2])) + $cfgList[$sumNum + $num] = $data; + + $php = $data['flags'] & CON_FLAG_PHP; + $buff = "[".CLISetup::bold($sumNum + $num)."] ".(($sumNum + $num) > 9 ? '' : ' ').($php ? ' PHP ' : ' AOWOW '); + $buff .= str_pad($php ? strtolower($data['key']) : strtoupper($data['key']), 35); + if ($data['value'] === '') + $buff .= in_array($data['key'], $reqKeys) ? CLISetup::red('') : ''; + else { - $buff .= "[opt] "; - foreach (explode(', ', $info[2]) as $option) + $info = explode(' - ', $data['comment']); + + if ($data['flags'] & CON_FLAG_TYPE_BOOL) + $buff .= '[bool] '.($data['value'] ? '' : ''); + else if ($data['flags'] & CON_FLAG_OPT_LIST && !empty($info[2])) { - $opt = explode(':', $option); - $buff .= '['.($data['value'] == $opt[0] ? 'x' : ' ').']'.$opt[1].' '; + $buff .= "[opt] "; + foreach (explode(', ', $info[2]) as $option) + { + $opt = explode(':', $option); + $buff .= '['.($data['value'] == $opt[0] ? 'x' : ' ').']'.$opt[1].' '; + } } - } - else if ($data['flags'] & CON_FLAG_BITMASK && !empty($info[2])) - { - $buff .= "[mask] "; - foreach (explode(', ', $info[2]) as $option) + else if ($data['flags'] & CON_FLAG_BITMASK && !empty($info[2])) { - $opt = explode(':', $option); - $buff .= '['.($data['value'] & (1 << $opt[0]) ? 'x' : ' ').']'.$opt[1].' '; + $buff .= "[mask] "; + foreach (explode(', ', $info[2]) as $option) + { + $opt = explode(':', $option); + $buff .= '['.($data['value'] & (1 << $opt[0]) ? 'x' : ' ').']'.$opt[1].' '; + } } + else if ($data['flags'] & CON_FLAG_TYPE_STRING) + $buff .= "[str] ".$data['value']; + else if ($data['flags'] & CON_FLAG_TYPE_FLOAT) + $buff .= "[float] ".floatVal($data['value']); + else /* if ($data['flags'] & CON_FLAG_TYPE_INT) */ + $buff .= "[int] ".intVal($data['value']); } - else if ($data['flags'] & CON_FLAG_TYPE_STRING) - $buff .= "[str] ".$data['value']; - else if ($data['flags'] & CON_FLAG_TYPE_FLOAT) - $buff .= "[float] ".floatVal($data['value']); - else /* if ($data['flags'] & CON_FLAG_TYPE_INT) */ - $buff .= "[int] ".intVal($data['value']); + + CLISetup::log($buff); } - CLISetup::log($buff); + $sumNum += count($results); } - CLISetup::log(str_pad("[".CLISetup::bold(count($results))."]", 21)."add another php configuration"); + CLISetup::log(str_pad("[".CLISetup::bold($sumNum)."]", 21)."add another php configuration"); if ($hasEmpty) { @@ -85,7 +97,7 @@ function siteconfig() if (CLISetup::readInput($inp) && $inp && $inp['idx'] !== '') { // add new php setting - if ($inp['idx'] == count($results)) + if ($inp['idx'] == $sumNum) { CLISetup::log(); CLISetup::log("Adding additional php configuration."); @@ -123,16 +135,16 @@ function siteconfig() else { CLISetup::log(); - CLISetup::log("edit canceled! returning to list...", CLISetup::LOG_WARN); + CLISetup::log("edit canceled! returning to list...", CLISetup::LOG_INFO); sleep(1); break; } } } // edit existing setting - else if ($inp['idx'] >= 0 && $inp['idx'] < count($results)) + else if ($inp['idx'] >= 0 && $inp['idx'] < $sumNum) { - $conf = $results[$inp['idx']]; + $conf = $cfgList[$inp['idx']]; $info = explode(' - ', $conf['comment']); $buff = ''; @@ -240,11 +252,11 @@ function siteconfig() while (true) { $use = $value; - if (CLISetup::readInput($use, $single) && $use) + if (CLISetup::readInput($use, $single)) { CLISetup::log(); - if (!$validate($use['idx'])) + if (!$validate($use ? $use['idx'] : '')) { CLISetup::log("value not in range", CLISetup::LOG_ERROR); sleep(1); @@ -260,7 +272,7 @@ function siteconfig() } else { - CLISetup::log("edit canceled! returning to selection...", CLISetup::LOG_WARN); + CLISetup::log("edit canceled! returning to selection...", CLISetup::LOG_INFO); sleep(1); break; } @@ -293,7 +305,7 @@ function siteconfig() else { CLISetup::log(); - CLISetup::log("edit canceled! returning to list...", CLISetup::LOG_WARN); + CLISetup::log("edit canceled! returning to list...", CLISetup::LOG_INFO); sleep(1); break; } @@ -309,7 +321,7 @@ function siteconfig() else { CLISetup::log(); - CLISetup::log("site configuration aborted", CLISetup::LOG_WARN); + CLISetup::log("site configuration aborted", CLISetup::LOG_INFO); break; } } diff --git a/setup/tools/filegen/complexImg.func.php b/setup/tools/filegen/complexImg.func.php index 510920e8..f09f80ec 100644 --- a/setup/tools/filegen/complexImg.func.php +++ b/setup/tools/filegen/complexImg.func.php @@ -83,7 +83,7 @@ if (!CLI) $file = $path.'.png'; if (CLISetup::fileExists($file)) { - CLISetup::log('manually converted png file present for '.$path.'.', CLISetup::LOG_WARN); + CLISetup::log('manually converted png file present for '.$path.'.', CLISetup::LOG_INFO); $result = imagecreatefrompng($file); } @@ -152,7 +152,7 @@ if (!CLI) if ($ok) { - chmod($name.'.'.$ext, CLISetup::FILE_ACCESS); + chmod($name.'.'.$ext, Util::FILE_ACCESS); CLISetup::log($done.' - image '.$name.'.'.$ext.' written', CLISetup::LOG_OK); } else @@ -396,7 +396,7 @@ if (!CLI) $p = sprintf($imgPath, $mapLoc).$paths[0]; if (CLISetup::fileExists($p)) { - CLISetup::log(' - using files from '.($mapLoc ?: '/').' for locale '.Util::$localeStrings[$l], CLISetup::LOG_WARN); + CLISetup::log(' - using files from '.($mapLoc ?: '/').' for locale '.Util::$localeStrings[$l], CLISetup::LOG_INFO); $mapSrcDir = $p.'/'; break; } diff --git a/setup/tools/filegen/simpleImg.func.php b/setup/tools/filegen/simpleImg.func.php index 6564467f..9e9ee830 100644 --- a/setup/tools/filegen/simpleImg.func.php +++ b/setup/tools/filegen/simpleImg.func.php @@ -27,7 +27,7 @@ if (!CLI) $file = $path.'.png'; if (CLISetup::fileExists($file)) { - CLISetup::log('manually converted png file present for '.$path.'.', CLISetup::LOG_WARN); + CLISetup::log('manually converted png file present for '.$path.'.', CLISetup::LOG_INFO); $result = imagecreatefrompng($file); } @@ -183,7 +183,7 @@ if (!CLI) if ($ok) { - chmod($name.'.'.$ext, CLISetup::FILE_ACCESS); + chmod($name.'.'.$ext, Util::FILE_ACCESS); CLISetup::log($done.' - image '.$name.'.'.$ext.' written', CLISetup::LOG_OK); } else diff --git a/setup/updates/1436392800_01.sql b/setup/updates/1436392800_01.sql new file mode 100644 index 00000000..9e912077 --- /dev/null +++ b/setup/updates/1436392800_01.sql @@ -0,0 +1,15 @@ +ALTER TABLE `aowow_config` + ADD COLUMN `cat` TINYINT(3) UNSIGNED NOT NULL DEFAULT '5' AFTER `value`; + +INSERT IGNORE INTO `aowow_config` (`key`, `value`, `cat`, `flags`, `comment`) VALUES + ('cache_dir', '', 1, 136, 'default: cache/template - generated pages are saved here (requires CACHE_MODE: filecache)'), + ('session.gc_maxlifetime', '604800', 3, 200, 'default: 7*24*60*60 - lifetime of session data'), + ('session.gc_probability', '0', 3, 200, 'default: 0 - probability to remove session data on garbage collection'), + ('session_cache_dir', '', 3, 136, 'default: - php sessions are saved here. Leave empty to use php default directory.'); + +UPDATE `aowow_config` SET `key` = 'acc_failed_auth_block' WHERE `key` = 'failed_auth_exclusion'; +UPDATE `aowow_config` SET `key` = 'acc_failed_auth_count' WHERE `key` = 'failed_auth_count'; +UPDATE `aowow_config` SET `key` = 'acc_allow_register' WHERE `key` = 'allow_register'; +UPDATE `aowow_config` SET `key` = 'acc_auth_mode' WHERE `key` = 'auth_mode'; +UPDATE `aowow_config` SET `key` = 'acc_create_save_decay' WHERE `key` = 'account_create_save_decay'; +UPDATE `aowow_config` SET `key` = 'acc_recovery_decay' WHERE `key` = 'account_recovery_decay'; diff --git a/template/pages/acc-signIn.tpl.php b/template/pages/acc-signIn.tpl.php index 5228695d..5503d52f 100644 --- a/template/pages/acc-signIn.tpl.php +++ b/template/pages/acc-signIn.tpl.php @@ -61,7 +61,7 @@
'.Lang::account('accCreate')."\n"; endif; ?>